package john.wenzi.server.utils;

import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Map;

import javax.crypto.Cipher;

import org.apache.commons.codec.binary.Base64;

public class RSAUtil {
	/**
	 * 用于生成公钥和私钥
	 */
	public static void genKeyPair(Map<Integer, String> keyMap) throws NoSuchAlgorithmException {  
		// KeyPairGenerator类用于生成公钥和私钥对，基于RSA算法生成对象  
		KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA");  
		// 初始化密钥对生成器，密钥大小为96-1024位  
		keyPairGen.initialize(1024,new SecureRandom());  
		// 生成一个密钥对，保存在keyPair中  
		KeyPair keyPair = keyPairGen.generateKeyPair();  
		RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();   // 得到私钥  
		RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();  // 得到公钥  
		String publicKeyString = new String(Base64.encodeBase64(publicKey.getEncoded()));  
		// 得到私钥字符串  
		String privateKeyString = new String(Base64.encodeBase64((privateKey.getEncoded())));  
		// 将公钥和私钥保存到Map
		keyMap.put(0,publicKeyString);  //0表示公钥
		keyMap.put(1,privateKeyString);  //1表示私钥
	}
	/** 
	 * RSA公钥加密 
	 */  
	public static String encrypt( String str, String publicKey ) throws Exception{
		//base64编码的公钥
		byte[] decoded = Base64.decodeBase64(publicKey);
		RSAPublicKey pubKey = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(decoded));
		//RSA加密
		Cipher cipher = Cipher.getInstance("RSA");
		cipher.init(Cipher.ENCRYPT_MODE, pubKey);
		String outStr = Base64.encodeBase64String(cipher.doFinal(str.getBytes("UTF-8")));
		return outStr;
	}
	/** 
	 * RSA私钥解密
	 */  
	public static String decrypt(String str, String privateKey) throws Exception{
		//64位解码加密后的字符串
		byte[] inputByte = Base64.decodeBase64(str.getBytes("UTF-8"));
		//base64编码的私钥
		byte[] decoded = Base64.decodeBase64(privateKey);  
        RSAPrivateKey priKey = (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(decoded));  
		//RSA解密
		Cipher cipher = Cipher.getInstance("RSA");
		cipher.init(Cipher.DECRYPT_MODE, priKey);
		String outStr = new String(cipher.doFinal(inputByte));
		return outStr;
	}
	
	/** 
	    * RSA签名 
	    * @param content 待签名数据 
	    * @param privateKey 商户私钥 
	    * @return 签名值 
	    */
	public static String sign(String content, String privateKey){  
        try{  
            PKCS8EncodedKeySpec priPKCS8    = new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKey.getBytes("UTF-8")));   
              
            KeyFactory keyf = KeyFactory.getInstance("RSA");  
            PrivateKey priKey = keyf.generatePrivate(priPKCS8);  
  
            java.security.Signature signature = java.security.Signature.getInstance("SHA1WithRSA");  
  
            signature.initSign(priKey);  
            signature.update( content.getBytes("UTF-8"));  
  
            byte[] signed = signature.sign();  
              
            return Base64.encodeBase64String(signed);  
        }catch (Exception e){  
            e.printStackTrace();  
        }  
        return null;  
    }
	
	/** 
	    * RSA验签名检查 
	    * @param content 待签名数据 
	    * @param sign 签名值 
	    * @param publicKey 分配给开发商公钥 
	    * @return 布尔值 
	    */  
	    public static boolean doCheck(String content, String sign, String publicKey){  
	        try{  
	            KeyFactory keyFactory = KeyFactory.getInstance("RSA");  
	            byte[] encodedKey = Base64.decodeBase64(publicKey);  
	            PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey));  
	  
	          
	            java.security.Signature signature = java.security.Signature.getInstance("SHA1WithRSA");  
	          
	            signature.initVerify(pubKey);  
	            signature.update( content.getBytes("UTF-8") );  
	          
	            boolean bverify = signature.verify( Base64.decodeBase64(sign) );  
	            return bverify;  
	              
	        }catch (Exception e){  
	            e.printStackTrace();  
	        }  
	          
	        return false;  
	    }
}
